Member asked me to send a virus?

Sorry if this is the wrong place to post. I searched for hours related to my question with no positive outcome.

If one were to be in this situation here on this forum, and it happen to be about viruses being detected or not detected. If a member were to ask you to send them the viruses of that topic what could some of you advise or suggest? Now this has been done to me and so far being new here I will not report if that is the case. I’ll just ignore it. I want to make sure this is something that is “OK” to be done on this forum. And of course if the one and only (specific member) responds to this I do not mean to be bias, but you know where I stand. ;D

Forward the virus on to Avast so that they can block it for the rest of the users.
I don’t know of any reason to forward the virus to a member (user) of this forum.

The short answer is ‘never’ send a virus to anyone other than directly to avast for analysis.

Longer answer - No forum member should ask you to send them the virus; this isn’t a quasi malware distribution centre, it is a support forum.

You have no control over what they may do with it, even it is supposedly for there malware samples database. Why they would need on is questionable.

Personally I would report the request to one of the moderators.

Personally I would report the request to one of the moderators.
That would be me asking, as you know i like to play with them David and if not detected they will end up in Malwarebytes / Superantispyware inbox....or avast! ;)

I still don’t agree with it, as can be seen in this instance it puts undue pressure on a forum member as to the legitimacy of the request. Not to mention that the forums are for avast! support and shouldn’t be used for malware distribution/collection.

All samples should be sent directly to avast and only to avast.

Then i guess samples i find on other forums not detected by avast! should not be sendt to avast as that would be distributing malware…

According to what has been said in above posts, I will give +1 to this reply.
Sharing killed links or forward to trusted members will not hurt, if mods don’t mind.

Where you find them, is not the issue, if the sample is there and not simply a report of it. If you are able to get the sample of course sent it to avast.

What I’m saying is that by asking in the avast! forums puts pressure on the OP who is unsure if it is legit or even OK to comply, as is very clear from the OPs first post.

If it is your intention to have them send it so you can forward it to avast, then simply give them instructions on how they can do it for themselves. That way you educate them, avast gets the sample and should it happen again the OP knows what to do.

David are you saying collect them from everywhere and forward to avast, but don’t get from avast and forward to somewhere else?

If you are having to personally ask for them in another forum NO you shouldn’t do that.

If they have placed a link to a file share, etc. then they can be easily snagged and forwarded to avast.

What I don’t want to see are any file share links to undetected malware at all in the avast forums. Even when that link is broken as it doesn’t take a rocket scientist to be able to access it.

When a file share link is posted (broken or otherwise) you have zero control over who can access it and worse no control over what they may do with it, given that it is an undetected sample.

If it is your intention to have them send it so you can forward it to avast, then simply give them instructions on how they can do it for themselves. That way you educate them, avast gets the sample and should it happen again the OP knows what to do.
I did http://forum.avast.com/index.php?topic=64122.msg651282#msg651282

Ahoy avast folks,

Then there is no user check on avast detection rate.
Like Tech with his thread on missed VT scan results, I like to know about missed detections as I like to know about FP’s (the virus and worms section says a.o. it is there to report FPs). Anyone with a known MD5 hash of a file could search for a VT detection and google has no restrictions.
There are resources where we can do a follow up on particular malware and see the percentage of avast detection (No, I won’t give any links!) I regurarly sent reports to virus avast dot com, but I do hope that the avast people know a similar way to these resources of non-detects as well and there would not be created a feeling of “security through obscurity”.
Again I understand DavidR’s problems and restrictions. Know that the malcreators are reading this forum and are looking over your shoulder as well. That should be at the back of your mind. If you could present an Anubis report of the malware at stake or similar, they would not have much lead to go on. Popularity of scan sites is also working as a double sword, and who takes the responsibility, the jsunpack site has been filled up to its limits, a very valuable tool is lamed and been taken from security people (for the time being as solution to the problems are sought). I also have an eye for that particular other side of the detection coin.
And DavidR has contributed to that awareness.
That is why I will not present links to certain sites with live malware on. Even discussion of malware should be considered in that light - only pictures of script as DavidR proposes.
I do not know what DavidR thinks of a service like Norton Safe Web, all major scan service sites use the results from there and unmasked parasites (=Badbuster resources) as sucuri, webutation, Dasient (paid service) etc.
But we should give to our users the arsenal to self scan websites at urlvoid domain site, against Norton Safe Web, ipscan sites, unmasked parasites, SOSwebscan, Bitdefender’s Traffic Light, DrWeb url check, they all come up with unique results and blind spots. Do not try to hide that fact. And they should be given a platform to report back if it was only to create a better awareness of the threat theatre and build further confidence in the best free av solution in the world. No one likes to go into a blind alley blind folded, he would not feel very secure.
Malware hunting should be done in a responsible way. Some users have invested quite some time and effort in helping avast detection and the direct way should be to the avast desks.
I know pondus has comtributed a lot to avast detection and I have full confidence he will consider all that is being put out to him in a responsible way. Hope this discussion helps to these ends,

polonus

Which basically negates the need to request that the poster also send you the samples.

Which basically negates the need to request that the poster also send you the samples.
yes it would as my intention was to check the Malwarebytes / superantispyware detection tools that are often used in this forum

Thanks Polonus.

Pondus, thanks for your effort on helping improving detection.
Just a personal thought, that you can correct me if I’m wrong, but won’t it be better to submit to MBAM and SAS team instead of sending to you? Of course, the user must worry about that and lose time to submit it to more companies, but, after all, maybe just posting links to their submission center. What do you think?

IMHO, sending a live infection to any one other than Avast or another Software company
specializing in security software is dangerous and isn’t something that should be done.

Yes they can, if they know how to…and have and account

For superantispyware it is simple, download and install the sample submission tool
then you can drag and dropp sample(s) in it…or you can browse to the file
http://www.superantispyware.com/downloads/SUPERSampleSubmit.exe

For Malwarebytes you need to open an account in MBAM forum
Then you upload samples here, depending on type
http://forums.malwarebytes.org/index.php?s=288587e5bb7dabe7fb41b078ce957438&showforum=44

and here is a how they want it - Purpose of this forum
http://forums.malwarebytes.org/index.php?showtopic=31067

I agree with Pondus on this. Avast is FAR from the only A/V I send malware to. The important thing is to get samples to as many companies as possible. And that includes sending them to each other by e-mail.

For those that don’t feel safe working with live Malware, Then please don’t.